On March 24, Utah’s Governor Spencer Cox signed the Utah Consumer Privacy Act (Utah Law) into law, making it the fourth state privacy law enacted in the United States. The Utah regulation joins the California Consumer Privacy Act (CCPA), which was amended by the California Privacy Rights Act of 2020 (CPRA), Virginia Consumer Data Protection Act (Virginia Law), and the Colorado Privacy Act (Colorado Law).
When legal counsel acts as the steward and initiates a policy program, your enterprise will gain online integrity and increased chances for reaching its overall strategic plan.
The severity and damage can vary, but some kind of breach is inevitable. When that happens, you won’t have time to figure out what to do. You need an action plan that can be implemented immediately, covering everything from how you stop an attack to how you notify customers whose information may have been compromised.
For all sorts of reasons -- some of them justified, some not -- IT has earned a reputation as the place where good ideas go to die. It's time to change that thinking!
Redesigning the structure of the IT organization and the role it plays in the company is a huge job, and not something you can do on your own (or even with your own leadership team)! You’ll need help from allies throughout the company.
Today’s CIO has a once-in-a-career opportunity to build an organization that can fulfill a very real need: that of in-house consultant. For many IT organizations, that won’t be easy, but no part of digital transformation is. For IT, it’s a complete change of mission, from one of control and gatekeeping to one of support and advice.
As organizations dive head-first into new technologies to avoid being victims of digital disruption, they’re taking on new risks that aren’t even on the radar of many auditors.
Before you jump in the deep end of the pool that is known as conversational AI, take the opportunity to consider the role of digital policies in keeping your enterprise protected while also reaping the rewards that the new channel provides.
The world has certainly changed for all of us in the past five months. While the largest casualty of the pandemic has been human lives and the negatively impacted health of many survivors, digital privacy is also at the top of that list.
Do you have a process for determining how (or even whether) you should respond to users on racial and social justice issues? Here's my advice for getting some digital policies and processes in place.
Consumers are paying attention to racial and other social justice issues now, and they’re demanding that brands do the same. Do you have your processes defined to address the issues correctly?
How do you create policies that act as guard rails, giving employees a high degree of freedom within a framework established to minimize the possibility of making a mistake?
When COVID-19 erupted into our lives, we had to adapt quickly, working from home despite what our digital policies might say about security and personal devices.
I urge IT professionals and digital policy stewards alike, to broaden the scope of discussions to include other situations that may require a change in digital policies such as changes in technology. And here is how to get started!
Natural disasters -- hurricanes, tornados, earthquakes, etc. -- disrupt “business as usual” for both you and your customers. One way to avoid disruptions is to create sound digital policies. Let's delve into the how and what to get this done!
Knowing that sooner or later, you will need to address a data breach within your organization, fear is not the answer. Proactively preparing yourself and bringing good people into the fold to create the right proactive and response team, is the right solution.
How many times do you hear that IT is slowing down the digital marketing process, focused so much on security that Marketing can’t be responsive to user needs? Or how many times does it seem like Marketing is not giving any thought to serious operational considerations, such as backups and disaster recovery?
Coronavirus means revenue loss for many organizations . But what positive impact, or opportunity, can your business realize amidst such a crisis? The answer is "significant," so long as you have the right policies in place.
No matter where your digital communications and marketing efforts are focused, you have users who have a disability. It only makes sense to include them and offer a way for them to access digital content.
What will you start/stop/keep doing in 2020 to best utilize your time in sharing and learning digital practices? I’ve sorted through my reflections and plans.
One way to surprise your users (in a bad way) is to pre-date content and hang up your "out of office for the rest of the year" sign.
The leadership must be committed to investing the necessary resources of time, money, human resources, and, in some cases, technology. So how do you get your management on board with digital policy aspirations?
“The views are my own and don't reflect those of my employer." is not a bulletproof statement. The views of the employee might not be those of the organization, but the employee is part of the organization, and what is said in social media reflects directly back on the organization.
FaceApp, the mobile app introduced in 2017 and suddenly experiencing a revival in social media, might offer a few minutes of fun. But the impact on your personal privacy will be forever.
You know that your organization needs a digital policy program in order to support tangible, business objectives. But getting your stakeholders to buy into digital policies can feel a lot like getting toddlers to eat spinach.
While I certainly don’t think it’s necessary for you to learn about things like processors and RAM, I do think it’s important to understand how the internet affects our lives both personally and as a society. Here is a resource to steer you in the right direction.
Comprehensive digital policies and practices ensure that a business complies with regulations. Counterintuitively, they also help the bottom line, unlock opportunity and streamline operations.
This is the time for companies to institutionalize (create, codify, train, hold accountable) smart and sound digital policies and practices in order to reduce digital risk and capitalize on the opportunities.
No need to fear yet another data privacy regulation! Learn the differences between GDPR and CCPA to plan and keep yourself above the fray appropriately.
It would be nice if we could create laws before the situations they address present themselves, but the law rarely works that way. Here is how to provide digital policy guidance in an ever-changing landscape
If you’re responsible for digital governance at your organization, pay close attention to case studies of companies like Nike and Intel to learn how digital policies can be used to support, encourage, and inspire digital workers
It’s not business as usual! The rise in data protection laws is impacting your digital marketing and online operations.
Katie Quinn, the wife of Lewiston, CA's fire chief used social media to provide key information and a sense calm during the recent Carr Fire. Depending on your organizational culture, industry, and maturity, you should think twice before replicating such a governing model. Or if you do, you might want to reach out to Katie for some training!
What you need to know about the GDPR stance on automated decision-making
The 2018 World Technology Conference took place in Seattle recently and I was lucky enough to attend this mind meld event. Read on for observations and highlights.
Is your company US-based and assuming that GDPR doesn't have an impact since you don't have offices in the EU? Wrong!
Listen up marketers! If you have not heard of the GDPR or if you assumed that you’re in the clear because you’re in the U.S. rather than the EU, here is what you need to know.
What can your organization do to guide employees into correctly balancing their rights to free speech and personal use of social media, while also protecting the brand and reputation of your company?
All eyes have been on GDPR, but there is more to digital integrity and online risk coming our way. Pay attention to the proverbial forest as well as the trees.
I recently attended two conferences, the DX Summit and Gilbane, and share my key takeway on a shift in digital.
Policies are a two-pronged opportunity for layers: Protecting clients from dangers and generating revenue in the process.
Use this list to determine which digital policies you choose to create and adopt depend on variables particular to your organization.
Here is how you incorporate existing standards into your own set for organizational use.
There are no perfect sets of standards, but you can come close with these tips.
Nothing! As long as you use them in the right way. Here is how.
Don't re-create policies and silo digital requirements. Instead, extend organizational policies to include digital.
What is the difference between a good and a bad standard? It's contents of course!
To remain competitive in today’s market and continue to exist in the face of increasing digital and business disruption your legacy digital processes and operational models must be updated. Here's what to consider.
Quality tools are not inherently bad or a poor investment, but you need to understand their capabilities and the value they will add to the organization.
Deciding exactly how many standards authors you should have, and how many is too many, is exactly what we tease out during digital governance framework definition efforts.
Writing 10-15 pages of guidance in legalese and saving a PDF version to your Intranet is not the way to go about writing good digital policy. Here is what it really takes, and it's easy!
A primer on how to get started with digital policy development.
There is more to standards than writing down guidance. Here's what it takes to get them adopted and used.
How can your organizations set itself apart in a world of diminishing online privacy?
The idea that you need to tie standards development to a redesign or any other milestone or event is a myth.
You are likelier to engage more colleagues and develop a culture of collaboration if you understand the difference between a standard and a guideline.
Once you have identified who in your organizations should be tasked with establishing digital policy, it is time to assign official duties. I have provided a good list to get you started.
Security and data breach. Branding. Trademarks and copyrights. Social media usage. Search engine optimization. Digital marketing content ownership. Who in your organization is thinking about these issues hollistically?
If you have an online presence, you have an online risk. And it extends way beyond publishing a blog post with an embarrassing spelling error.
Use the WanaCrypt opportunity to re-examine your approach to digital policy as well as the roles of those invested in your digital.
Data security and data breaches are a big deal. Get the list of countries that have legal requirements for notification.
Today business users and digital marketers challenge their organization’s online integrity in many ways. Lawyers can help avoid the legal and regulatory landmines that pose a threat.
Many U.S.-based companies extend their service and product reach into Canada with the assumption that our northern neighbors have the same regulatory and legal requirements. Unfortunately, this is not the case.
Stand up a functional policy program to align your organization to individual accountabilities for digital. In doing so, you can stop your organization from failing and begin to celebrate online integrity of your digital operations.
If you don't currently have an accessibility policy, these are the steps you should take to create one.
Why an organization should have a linking policy, one which states when it is acceptable to link from their website to another.
Details on the new security framework is available for industrial Internet of Things (IoT).
The program requires self-certification, which underscores the need for your organization to have a digital policy steward who will track requirements and ensure your organization is compliant.
Why not look at the policies developed by other organizations and copy them?
If you have not yet defined a data breach policy and a corresponding “first 48 hours” response plan — now is the time.
What does it mean to have a good policy? Do you simply write out a document that checks the box or do you really consider your audience and write simple and understandable policies? Here is a quick look at what makes a policy a good one.
Data collection, information storage and its transfer across country or regional borders (think Russia, Kazakhstan, Australia, or EU) resides in an increasingly complex realm. Here is what you should consider for your practices.
Change management practices for good content management system adoption.
So if you are thinking about cleaning up your existing site or migrating to an entirely new platform, this is the time to consider how you will govern your content and the principles around it, from written work to access.
Your digital channels (and you!) deserve a lifetime of happiness, whether you see that as making it to your silver wedding anniversary or having someone with you into your golden years.
The reality is that most organizations will be less efficient and less effective.
What is your governance model and is it working? There are at least three ingredients you need to make it a success.
Is SharePoint the right tool? As long as you govern.
A few years ago, it would have been unheard of to have a Chief Digital Officer (CDO) in an organization.